Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Cisco Revamps Patch Release Schedule

The routing and switching giant will release bundles of IOS security alerts on the fourth Wednesday of the month in March and September each year.

Cisco Systems is moving to a predictable patch release cycle for security advisories affecting its Internetwork Operating System.The routing and switching giant is planning to release bundles of IOS Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.The new policy begins March 26 and only affects IOS advisories, the company said in a notice posted online.All other non-IOS Cisco security vulnerabilities will continue to be announced per Cisco's standard disclosure policy. Cisco generally ships product patches every week, mostly on Tuesdays.Cisco IOS software is used to power routing, switching, internetworking and telecommunications functions on most Cisco Systems routers and all current Cisco network switches. The software package also includes a multitasking operating system.Cisco says the twice-a-year patch release cycle "will not restrict us from promptly publishing an individual IOS security advisory for a serious vulnerability which is publicly disclosed or for which we are aware of active exploitation.""Cisco is adopting this approach in response to extensive feedback from customers, who seek further predictability for support planning and deployment cycles," the company added, noting that the existing format of IOS Security Advisories will not see any changes.Cisco is following two other high-profile vendors on the predictable patch release cycle train. Microsoft was the first to adopt a Patch Tuesday cycle for its Windows updates while Oracle has implemented a quarterly update process on prescheduled dates.Cisco and Oracle have led the way in its adoption of the CVSS (Common Vulnerability Scoring Standard), the vendor-neutral system for rating software severity risk.